Cybersecurity For Your Business
Don’t make the mistake of assuming that just because you run a small business or don’t collect payment information that your business is safe from hackers. There is a lot of private information available that hackers and thieves can use to make money from, and businesses small and large are targets.
Be aware of vulnerabilities in your system and take the steps to address them, before it’s too late.
Conduct a Cyber Threat Assessment
Most business owners simply don’t know if they have enough cyber security – or the right solutions – to protect their digital assets.
A thorough threat assessment is the ideal first step to knowing precisely where and how your business may be vulnerable to cyber intruders.
Consider contracting a cyber security specialist to help you analyse your digital ecosystem and data storage practices, in order to identify weak areas and create a security action plan.
You may also want to be looking at a product like LastPass or Practice Protect.
Install a Firewall and Anti-virus Software
Seems like a no brainer right! Though I have heard many a story where subscriptions were not renewed or the set-up was not completed correctly, resulting in vulnerabilities. Cyber attackers use highly sophisticated automated software to seek out and infiltrate poorly defended networks.
Ensure your business doesn’t get caught in their net, by installing a firewall that can control incoming and outgoing data and help prevent unauthorized access to your network.
Other practical steps you can take to protect yourself include:
- Ensuring your anti-virus software is always up to date.
- Updating your browser and applications like Java and Flash to the latest version.
- Protecting your WiFi by making it invisible to outsiders, encrypted and secure.
Keep your employees informed and trained
The unfortunate truth is that human error is one of the weaknesses through which hackers can attack your business. Employees are constantly hooked up to your network, whether that’s through email, company-provided computers, or working from home.
Make sure you have security protocols for accessing your network, and ensure your employees are aware of them. Keep a checklist handy that your employees (and anyone who accesses your network) can access. Regularly update your policies to reflect the new techniques cybercriminals develop. Train your staff on how to spot suspicious looking emails and what to do if they are unsure about an email.
Here are some questions to ask:
- Are there rules about when employees can be connected to your network or what they can do while connected?
- Do you have policies about password protection?
- Are employees allowed to take company laptops and tablets home with them?
- If so, what are the rules around doing so?
Ensure your staff understand and follow best practice when it comes to cyber awareness:
- Develop an easy-to-read cyber security guide so employees are better equipped to identify and deal with malware, dangerous email attachments, phishing attempts and other digital threats.
- Meet regularly to discuss new potential online threats so team members know what to watch for.
- Encourage each team member to speak up immediately if they notice suspicious behaviour or emails.
Update your network regularly
Your computers, network and system should be updated regularly. These updates provide additional protection for your company. As developers become aware of new threats, they create programs designed to prevent the latest hacker techniques and spread those through updates. Old, outdated networks are easier for hackers to access.
In addition to updating your network, take the time to regularly inspect your system for weaknesses and take the steps to address those vulnerabilities.
Also, for your smart devices, ensure you action the prompts to install updates straight away, as these often contain security updates to cover your devices from the latest threats.
Be aware of information breaches
It isn’t just credit card information that hackers are after. Personal information, passwords, and other sensitive data can be sold and used for fraudulent purposes. Your business may not collect credit card and other payment information, but that doesn’t mean you don’t have data that’s valuable for hackers.
If you have any information that could be bought, used for fraud or identity theft, or used for extortion, you need to take steps to protect that information.
Once your network has been hacked, you risk losing your customers’ trust. Once that trust is gone, it’s hard to get it back.
Keep up-to-date on the latest scams and threats
Monitor the media and security sites to keep informed about the latest techniques being used by scammers so that you’ll be better able to identify them if they approach you. For example, phone calls to your business asking your staff for information, or that there is an issue with the company computers that the caller can help fix.